Enterprises, including financial institutions, often employ numerous transaction and data processing systems to support daily activities. Such transaction and data processing systems may be implemented with computer-executable applications. In many instances, for example where applications interface with the Internet and/or process sensitive data, applications may be subject to security vulnerabilities unless such applications are programmed or otherwise implemented to avoid or prevent vulnerabilities. Accordingly, enterprises employing transaction and data processing systems often require extensive vulnerability assessment of these systems, including identification of vulnerabilities, remediation of vulnerabilities, and verification of remediation. Development and validation of transaction and data processing systems may be dispersed across and enterprise and may be managed by leaders from different lines of businesses and geographic regions. Thus, coordination and management of vulnerability assessment remains a challenge for enterprises.